Issues (8)

Security Analysis    no request data  

This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is executed with the privileges of the web-server. This can be used to expose sensitive data, or gain access to your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify the parts of an XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/PusherBeamsMessage.php (2 issues)

Code Duplication, line 272, toiOS(): This method seems to be duplicated in your project.
Code Duplication, line 297, toAndroid(): This method seems to be duplicated in your project.

Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.

You can also find more detailed suggestions in the “Code” section of your repository.

<?php

namespace Rich2k\PusherBeams;

use Illuminate\Support\Arr;
use Rich2k\PusherBeams\Exceptions\CouldNotCreateMessage;

class PusherBeamsMessage
{
    /**
     * The device platform (iOS/Android).
     *
     * @var string
     */
    protected $platform = 'iOS';

    /**
     * Supported platforms
     *
     * @var array
     */
    protected $supportedPlatforms = ['iOS', 'Android'];

    /**
     * The message title.
     *
     * @var string
     */
    protected $title;

    /**
     * The message body.
     *
     * @var string
     */
    protected $body;

    /**
     * The message sound.
     *
     * @var string
     */
    protected $sound = 'default';

    /**
     * The message icon (Android).
     *
     * @var string
     */
    protected $icon;

    /**
     * The number to display next to the push notification (iOS).
     *
     * @var int
     */
    protected $badge;

    /**
     * Extra options that will get added to the message.
     *
     * @var array
     */
    protected $options = [];

    /**
     * An extra message to the other platform.
     *
     * @var \Rich2k\PusherBeams\PusherBeamsMessage|null
     */
    protected $extraMessage;

    /**
     * @param string $body
     *
     * @return static
     */
    public static function create($body = '')
    {
        return new static($body);
    }

    /**
     * @param string $body
     */
    public function __construct($body = '')
    {
        $this->body = $body;
    }

    /**
     * Set the platform [iOS/Android].
     *
     * @param string $platform
     *
     * @return $this
     *
     * @throws \Rich2k\PusherBeams\Exceptions\CouldNotCreateMessage
     */
    public function platform($platform)
    {
        if (!in_array($platform, $this->supportedPlatforms, true)) {
            throw CouldNotCreateMessage::invalidPlatformGiven($platform);
        }

        $this->platform = $platform;

        return $this;
    }

    /**
     * Set the platform to iOS.
     *
     * @return $this
     */
    public function iOS()
    {
        return $this->platform('iOS');
    }

    /**
     * Set the platform to Android.
     *
     * @return $this
     */
    public function android()
    {
        return $this->platform('Android');
    }

    /**
     * Set an extra message to be sent to Android.
     *
     * @param \Rich2k\PusherBeams\PusherBeamsMessage $message
     * @return $this
     */
    public function withAndroid(PusherBeamsMessage $message)
    {
        $this->withExtra($message->android());

        return $this;
    }

    /**
     * Set an extra message to be sent to iOS.
     *
     * @param \Rich2k\PusherBeams\PusherBeamsMessage $message
     * @return $this
     */
    public function withiOS(PusherBeamsMessage $message)
    {
        $this->withExtra($message->iOS());

        return $this;
    }

    /**
     * Set an extra message to be sent to another platform.
     *
     * @param \Rich2k\PusherBeams\PusherBeamsMessage $message
     * @return void
     */
    protected function withExtra(PusherBeamsMessage $message)
    {
        if ($message->getPlatform() === $this->platform) {
            throw CouldNotCreateMessage::platformConflict($this->platform);
        }

        $this->extraMessage = $message;
    }

    /**
     * Set the message title.
     *
     * @param string $value
     *
     * @return $this
     */
    public function title($value)
    {
        $this->title = $value;

        return $this;
    }

    /**
     * Set the message body.
     *
     * @param string $value
     *
     * @return $this
     */
    public function body($value)
    {
        $this->body = $value;

        return $this;
    }

    /**
     * Set the message sound.
     *
     * @param string $value
     *
     * @return $this
     */
    public function sound($value)
    {
        $this->sound = $value;

        return $this;
    }

    /**
     * Set the message icon (Android).
     *
     * @param string $value
     *
     * @return $this
     */
    public function icon($value)
    {
        $this->icon = $value;

        return $this;
    }

    /**
     * Set the message badge (iOS).
     *
     * @param int $value
     *
     * @return $this
     */
    public function badge($value)
    {
        $this->badge = (int) $value;

        return $this;
    }

    /**
     * @param string $key
     * @param mixed $value
     *
     * @return $this
     */
    public function setOption($key, $value)
    {
        $this->options[$key] = $value;

        return $this;
    }

    /**
     * Get an array representation of the message.
     *
     * @return array
     */
    public function toArray()
    {
        return $this->platform === 'iOS'
            ? $this->toiOS()
            : $this->toAndroid();
    }

    /**
     * Format the message for iOS.
     *
     * @return array
     */
    public function toiOS()
    {
        $message = [
            'apns' => [
                'aps' => [
                    'alert' => [
                        'title' => $this->title,
                        'body' => $this->body,
                    ],
                    'sound' => $this->sound,
                    'badge' => $this->badge,
                ],
            ],
        ];

        $this->formatMessage($message);

        return $message;
    }

    /**
     * Format the message for Android.
     *
     * @return array
     */
    public function toAndroid()
    {
        $message = [
            'fcm' => [
                'notification' => [
                    'title' => $this->title,
                    'body' => $this->body,
                    'sound' => $this->sound,
                    'icon' => $this->icon ?: 'icon',
                ],
            ],
        ];

        $this->formatMessage($message);

        return $message;
    }

    /**
     * Return the current platform.
     *
     * @return string
     */
    public function getPlatform()
    {
        return $this->platform;
    }

    /**
     * Format the final Payload.
     *
     * @param array $message
     */
    protected function formatMessage(&$message)
    {
        if ($this->extraMessage) {
            $message = array_merge($message, $this->extraMessage->toArray());
        }

        foreach ($this->options as $option => $value) {
            Arr::set($message, $option, $value);
        }
    }
}